From: Mickaël Salaün <m...@digikod.net> Date: Sat, 24 Sep 2016 20:01:50 +0200
> This prevent future potential pointer leaks when an unprivileged eBPF > program will read a pointer value from its context. Even if > is_valid_access() returns a pointer type, the eBPF verifier replace it > with UNKNOWN_VALUE. The register value that contains a kernel address is > then allowed to leak. Moreover, this fix allows unprivileged eBPF > programs to use functions with (legitimate) pointer arguments. > > Not an issue currently since reg_type is only set for PTR_TO_PACKET or > PTR_TO_PACKET_END in XDP and TC programs that can only be loaded as > privileged. For now, the only unprivileged eBPF program allowed is for > socket filtering and all the types from its context are UNKNOWN_VALUE. > However, this fix is important for future unprivileged eBPF programs > which could use pointers in their context. > > Signed-off-by: Mickaël Salaün <m...@digikod.net> Applied to net-next, thanks.
